<?
include "libhtml.php";
include "libsession.php";
include "libdocmgr.php";
requireLogin();
echoHeader("Document List");
?>

<h1>Document Manager</h1>
<table border="0" cellpadding="0" cellspacing="0">
  <tbody>
    <tr>
      <th>Title<br></th>
      <th>Current Step<br></th>
      <th>Owner<br></th>
      <th>Date Due<br></th>
      <th>Actions<br></th>
    </tr>
    <?
    	$sql = "SELECT d.Id, d.Title, u.Id AS OwnerId, u.Name AS OwnerName, d.DateDue, ws.Name AS StepName
			FROM Document d
			LEFT JOIN User u ON u.Id=d.OwnerId
			LEFT JOIN WorkflowStep ws ON ws.Id=d.WorkflowStepId ";
			
    	if (isset($_GET['userid']) && $_GET['userid'] > 0)
    	{
	    	$sql .= " WHERE d.OwnerId=" . $_GET['userid'];
		}
		$sql .= " ORDER BY Id; ";
    			
    	$result = query_db($sql);
    	
    	while ($document = mysql_fetch_array($result, MYSQL_ASSOC))
    	{
	    	echo "<tr>";
	    	echo "	<td>";
	    	echo "		<a href='Document_Edit.php?docid=" . $document['Id'] . "'>" . $document['Title'] . "</a>";
			echo "	</td>";
			echo "	<td>" . $document["StepName"] . "</td>";
	    	echo "	<td>" . $document["OwnerName"] . "</td>";
	    	echo "	<td>" . $document["DateDue"] . "</td>";
	    	echo "	<td>";
	    	
	    	// update button just redirects, so we dont need any server stuff
	    	echo "		<a href='Document_Edit.php?docid=" . $document['Id'] . "'>";
	    	echo "			<img src='images/green-checkmark.gif' height='30' width='30' border='0' alt='Update Document'>";
	    	echo "		</a>";
	    	
	    	// you can only delete your own documents
	    	if ($document["OwnerId"] == $_SESSION["userid"])
	    	{
		    	// go back to whatever page you're on now, My Docs or All Docs
		    	$returnparam = "";
		    	if (isset($_GET["userid"]) && $_GET["userid"] > 0)
		    		$returnparam = "?userid=" . $_GET["userid"];
		    		
		    	echo "		<form action='WorkflowUpdate.php' style='display: inline;' method=post>";
				echo "			<input type=hidden name=action value='deletedocument'>";
				echo "			<input type=hidden name=targetid value='" . $document["Id"] . "'>";
				echo "			<input type=hidden name=redirecturl value='Document_List.php$returnparam'>";
				echo "			<input type=image SRC='images/red-x.jpg' HEIGHT='30' WIDTH='30' BORDER='0' ALT='Add Document'>";
				echo "		</form>";
			}
	    	
	    	echo "  </td>";
	    	echo "</tr>";
    	}
    	
    	mysql_free_result($result);
    ?>
	<? //echoDocs(1); ?>
  </tbody>
</table>

<div style='text-align: center;'>
	<br>
	<button value="Search" name="btnSearch">Search...</button>
	<form action='WorkflowUpdate.php' method=post>
		<input type=hidden name=action value='adddocument'>
		<input type=hidden name=targetid value='<? echo $_SESSION["userid"]; ?>'>
		<?
			// go back to whatever page you're on now, My Docs or All Docs
		    $returnparam = "";
		    if (isset($_GET["userid"]) && $_GET["userid"] > 0)
		    	$returnparam = "?userid=" . $_GET["userid"];
			echo "<input type=hidden name=redirecturl value='Document_List.php$returnparam'>"
		?>
		<input type=image SRC='images/blue-plus.jpg' HEIGHT='30' WIDTH='30' BORDER='0'>Add Document
	</form>
</div>

<? echoFooter(); ?>